[jasper/f20: 2/2] Merge branch 'f19' into f20

[Jiří Popelka]

commit 76d5098c14cf0046f2e7baf3794a064e97f33197
Merge: a7d18e2 206ab97
Author: Jiri Popelka <jpopelka at redhat.com>
Date:   Thu Dec 18 18:17:47 2014 +0100

    Merge branch 'f19' into f20

 jasper-CVE-2014-8137.patch |   57 ++++++++++++++++++++++++++++++++++++++++++++
 jasper-CVE-2014-8138.patch |   14 ++++++++++
 jasper.spec                |   42 +++++++++++++++++++-------------
 3 files changed, 96 insertions(+), 17 deletions(-)
---
diff --cc jasper.spec
index 253918b,fc6270a..2b81fdb
--- a/jasper.spec
+++ b/jasper.spec
@@@ -7,7 -7,7 +7,7 @@@ Summary: Implementation of the JPEG-200
  Name:    jasper
  Group:   System Environment/Libraries
  Version: 1.900.1
--Release: 26%{?dist}
++Release: 27%{?dist}
  
  License: JasPer
  URL:     http://www.ece.uvic.ca/~frodo/jasper/
@@@ -173,7 -177,11 +177,11 @@@ make chec
  
  
  %changelog
 -* Thu Dec 18 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-26
++* Thu Dec 18 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-27
+ - CVE-2014-8137 - double-free in jas_iccattrval_destroy() (oCERT-2014-012) (#1175761)
+ - CVE-2014-8138 - heap overflow in jp2_decode() (oCERT-2014-012) (#1175761)
+ 
 -* Thu Dec 04 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-25
 +* Thu Dec 04 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-26
  - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC
                    marker segment decoders (#1170650)